The Online Trust Alliance says nearly twice the number of Top 500 e-retailers meet the Honor Roll criteria this year, a sign that web merchants are taking customer privacy and security more seriously.

More of North America’s largest online retailers are getting serious about protecting consumer privacy and defending themselves against cyberattacks.

That’s according to an annual audit released today at the Internet Retailer Conference & Exhibition in Chicago by not-for-profit organization Online Trust Alliance. The report finds that about 42% of merchants ranked in the Internet Retailer 2015 Top 500 Guide—212 retailers—meet the criteria for the 2015 Online Trust Honor Roll, up from 24% in 2014.

This improvement is due to nearly 100 retailers that fell just short of the threshold last year making the required improvements to push them over the top. And that meant doing more than what would have been required last year, says Craig Spiezle, OTA executive director.

“The online threat landscape is constantly evolving and our latest audit reflects that,” Spiezle says. “Even companies with top scores on the Honor Roll last year would have failed this year had they not adopted the latest best practices. These practices are achievable for retailers of any size. We commend those retailers who took the necessary steps to ensure responsible data stewardship.”

The OTA report, in its seventh year, examines the brand protection, security and privacy protection practices of nearly 1,000 websites, including those maintained by merchants in the Top 500 Guide. Sites were analyzed based on the adoption of industry-accepted best practices, open standards and privacy policies, and practices that comply with industry norms.


For the third year in a row, OTA ranks online greeting card merchant American Greetings as the most trustworthy online retailer in North America. Netflix, ranked ninth, was the only other merchant that appeared in the top 10 last year to make the top 10 this time.

“At Netflix, maintaining the trust of our 62 million global members is paramount,” says Lara Kehoe Hoffman, global director of data privacy and security at Netflix. “Critical to our success is our commitment to protecting the privacy and security of consumer personal data.”

Approximately 45% of the Top 500 not only did not qualify for the Honor Roll, but failed at least one component of the audit, OTA says. A failure typically means the retailer is especially vulnerable to an existing online security threat, is not adequately protecting consumers from phishing threats or has insufficient privacy policies.

Following are the retail websites, in alphabetical order, receiving top 10 honors, (technically 11 merchants due to a tie) followed by their Internet Retailer Top 500 ranking:

  1. American Greetings, No. 284
  2. Cabela’s Inc., No. 63
  3. Drs. Foster & Smith, No. 148
  4. Fanatics Inc., No. 45
  5. GameStop Corp., No. 58
  6. The Honest Co. Inc., No. 195
  7., No. 203
  8. Kate Spade, No. 152
  9. LivingSocial Inc., No. 206
  10. Netflix Inc., No. 6
  11. SparkFun Electronics, No. 463